Why The Lynch Mob That’s After Mark Zuckerberg Has Got The Wrong Guy

To all of you — including the US Congress —  that want Mark Zuckerberg's head over the personal data that was gleaned from Facebook and used for profit by Cambridge Analytica, you have got the wrong guy. If you’re quitting Facebook, you might be doing it for the wrong reasons.

In the name of defining what a “social network” is or should be, no one person, and no one company, has done more to pioneer the delicate balance between privacy and social connectivity more than Mark Zuckerberg and Facebook. Nor has any organization been as transparent as Facebook has when it comes to communicating about that balance. This doesn't mean Facebook couldn't have done more or that it didn't err in some of its ways. Like with fatalaties involving self-driving cars (or even when cars first hit the road), the early days of any technology are bound to be bumpy. In this case, Zuckerberg and Facebook are just convenient scapegoats in a very public lynching involving one of the most serious problems on the Internet. More importantly, the real bogeyman is still out there.

Kangaroo Court?

It was maddening to listen to Facebook CEO and founder Mark Zuckerberg testify (if you could really call it that) in last week’s Congressional hearings. Instead of good solid insightful testimony, we got congresspeople doing a lot of what they often do best: Congress-splaining. Congress-splaining about matters they simply do not understand.

It reminded me of the action the Federal Government took in response to the growing specter of unsolicited email (aka SPAM). Originally, there was a proposal that had some real teeth in it. But then legislators got their hands on it and now we have the nearly worthless Can-Spam Act and what else? A ton of spam in our inboxes.

I’m still trying to make sense of how some congresspeople contrived their own lexicon to discuss the operational details of Facebook’s business, demanding that the CEO answer questions in that foreign context with only "Yes" or "No" answers. Before Zuckerberg could squeak-out even one syllable in response, the inquisitor would interrupt to testify on Zuckerberg’s behalf. Apparently, Zuckerberg thought he was supposed to answer the rhetorical questions.

By some accounts, up to 87 million individuals were negatively impacted in the Cambridge Analytica incident. However, recent revelations show that Cambridge Analytica may have gone much further than that. Yes, that’s a lot of people. But not as many as some of the ridiculous breaches brought about by lax security measures at some of America’s most well known brands. Meanwhile, Congress is spending its energy and valuable taxpayer dollars belittling the wrong man.

Though she won’t know it until she sees this column, I was inspired to write this analysis by Caroline Holland who gave a presentation at this month’s Washington DC API Meetup. Holland is a Tech Policy Fellow at Mozilla  — a lawyer by trade — who works on competition and antitrust issues. She’s looking into APIs and the role that open APIs play in promoting competition. She's also thinking about the potential risks of any overcorrections in the wake of the Cambridge Analytica affair that could restrict openness under the guise of privacy and security. Overcorrections that could have an anticompetitive impact on competition and innovation.

Already, the knee-jerk reaction has been SWIFT. Earlier this month (and without warning developers), Facebook pared-down the set of data that’s available through its namesake and Instagram APIs while further stiffening the language in its terms of service (a remedy that Zuckerberg promised in his initial response). Last week, another wave of sweeping Facebook and Instagram API deprecations came to light. Other Internet services whose execs no-doubt watched the hearings in horror, have proactively followed suit to avoid the possibility of becoming collateral damage. My inbox and favorite sites are smack with new privacy notifications and API contract changes, the last of which came from the OKCupid API, no longer the API it used to be. I’ve seen a bevy of pop-ups from across Google’s various properties and one recent morning, I woke up to this message plastered above my Facebook newsfeed:

Before Facebook, the Semantic Web

In 2001, World Wide Web inventor Sir Tim-Berners Lee began sharing his vision for a new version of the Web he called the Semantic Web. The basic premise of the Semantic Web introduced more capability to the same standardized hyperlinks that sparked the original Web’s explosion onto the tech scene. In the Semantic Web’s case, hyperlinking would be taken to a new level whereby items of data would be programmatically hyperlinked together in such a way that both machines and humans could effortlessly crawl chains of related information to find what they’re looking for.

The concept is simple. Take our government. “The US House of Representatives” is an organization. As an item of data, it’s chained to 435 people who are the Representatives. Each of those people is chained to a political party which in turn is chained to many more people. For example, operatives. The Representatives are also chained to states and districts, which in turn are chained to other data items. 

I’m oversimplifying, but, based on a technology known as RDF, essentially, the linkage in the chain is created by a pattern involving three items; a subject, a predicate, and an object. Taken together, these three items are referred to as a triple. Referring to the aforementioned political example, a subject could be Seth Moulton. The predicate (which describes the type of chain-link between the object and subject) could be “Member of." The object could be an organization like The House of Representatives. There could be another node where the subject is The House of Representatives and it could be a member or a department (the predicate) of the US Congress (the object). 

Taken together, these nodes can form an endless chain; a Semantic Web of data that enables humans and software to discover closely or distantly related items in milliseconds.  There’s even a language for querying that Semantic Web of data called SparQL (pronounced “sparkle”).  Like regular hyperlinks that jump from one website to another, this interconnected web of data can also cut across domains. Noticeably missing however was any built-in method, other than standard Web security methods, for firewalling links from one another.

Be sure to read the next Security article: Daily API RoundUp: Microsoft Graph Security, getweather.io, Notarize, Phish.AI